Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q1lOVdyWy5uYClKqY35IqNhzicA.cer
File: Q1lOVdyWy5uYClKqY35IqNhzicA.cer (raw, json)
Hash identifier: z0g0xdSVChunyDxKyOckkIQrFduWFhtbuXItvbo9OvQ=
Subject key identifier: 43:59:4E:55:DC:96:CB:9B:98:0A:52:AA:63:7E:48:A8:D8:73:89:C0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 019421B1F5D6B2EEB49653D1EFC2E3DA4060
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/Q1lOVdyWy5uYClKqY35IqNhzicA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Wed 01 Jan 2025 11:48:18 +0000
Certificate not after: Wed 01 Jul 2026 00:00:00 +0000
Subordinate resources: AS: 35193
IP: 5.145.120.0/21
IP: 85.239.160.0/19
IP: 2a00:b200::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 21:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:f5:d6:b2:ee:b4:96:53:d1:ef:c2:e3:da:40:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 11:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43594e55dc96cb9b980a52aa637e48a8d87389c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:47:32:ae:3e:f0:7e:be:0a:4d:ad:e3:3a:a6:
b7:f2:08:47:4d:fa:65:87:10:d2:c6:38:1e:95:d7:
a9:ca:69:63:96:00:72:88:b7:86:d6:7b:7a:ac:e2:
5d:18:c8:9e:13:54:b4:20:bc:75:a1:47:9f:75:db:
f5:d8:57:20:41:48:8c:16:77:dc:cc:40:5a:3a:86:
01:70:2f:6f:3b:07:5b:5a:08:60:70:78:78:6b:84:
9a:9a:d8:61:ab:12:fd:b4:b6:3d:c5:f2:dc:0c:94:
b4:66:19:82:27:11:47:16:48:84:4b:15:c5:6f:31:
85:70:88:1f:9e:bc:69:25:c2:49:8c:63:e5:44:32:
21:ed:34:75:48:2e:ad:42:a6:bf:aa:93:08:56:27:
db:14:74:73:09:c0:1c:86:7b:98:e7:ed:2d:03:ef:
fc:b5:a7:ab:d8:0f:40:f5:fb:85:1c:b3:e9:16:1e:
7a:ce:a7:90:9d:7b:e5:97:0d:90:da:e6:b6:2b:62:
f2:95:59:38:32:9b:e0:5d:f9:bc:dd:8e:15:98:d4:
12:d8:36:8f:f3:f5:ce:a8:9a:9d:7f:60:fe:4c:bd:
40:de:be:ee:5d:a6:46:39:71:31:9c:8a:60:75:9c:
ea:08:fe:4d:7a:01:70:66:c6:61:27:47:b3:6e:23:
cf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:59:4E:55:DC:96:CB:9B:98:0A:52:AA:63:7E:48:A8:D8:73:89:C0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/Q1lOVdyWy5uYClKqY35IqNhzicA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.120.0/21
85.239.160.0/19
IPv6:
2a00:b200::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35193
Signature Algorithm: sha256WithRSAEncryption
7e:50:90:21:84:d4:c6:12:5e:aa:a5:a5:5a:e9:3d:99:13:b8:
64:f6:8f:52:c4:94:42:13:57:18:9e:9f:ca:7f:69:45:c5:5d:
a2:11:3b:2c:cd:a5:a8:e5:92:70:24:67:16:9d:ce:ed:c6:84:
a9:7c:64:c1:79:cb:29:48:02:cb:f7:38:ce:f2:72:12:15:d5:
d3:5f:87:73:22:c1:5e:4e:4c:d1:94:2c:17:cb:c7:5e:4d:95:
8f:e3:ce:fa:cc:be:c2:2e:e5:82:49:85:d3:0a:50:2a:28:a8:
2a:0d:04:04:3e:b4:19:dc:ce:76:6b:bc:b8:ac:fb:07:a0:4c:
61:87:13:d2:25:f4:5e:33:d9:a3:c7:f3:f4:1a:93:20:6b:59:
ba:83:b6:0d:13:70:f5:c9:08:a3:d7:1e:2d:45:8e:e5:0f:69:
f7:fe:02:2d:bd:b1:74:45:c5:01:4c:5a:85:92:5c:0e:a6:2a:
12:6e:9f:c0:e3:a4:82:2b:a9:11:38:01:4f:6a:a6:54:cc:35:
e5:5a:30:40:e7:8c:ee:b2:d0:36:28:30:4e:c4:1d:a2:27:75:
16:36:59:29:0e:84:4c:84:69:e9:bd:31:57:53:b4:93:5c:45:
78:4d:f7:63:0f:b4:80:62:f8:23:3d:c2:90:8c:c6:64:41:22:
38:ae:bd:7e
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAZQhsfXWsu60llPR78Lj2kBgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjUwMTAxMTE0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU5NGU1NWRjOTZjYjliOTgwYTUyYWE2MzdlNDhhOGQ4NzM4OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskcyrj7wfr4KTa3jOqa38ghHTfpl
hxDSxjgeldepymljlgByiLeG1nt6rOJdGMieE1S0ILx1oUefddv12FcgQUiMFnfc
zEBaOoYBcC9vOwdbWghgcHh4a4SamthhqxL9tLY9xfLcDJS0ZhmCJxFHFkiESxXF
bzGFcIgfnrxpJcJJjGPlRDIh7TR1SC6tQqa/qpMIVifbFHRzCcAchnuY5+0tA+/8
taer2A9A9fuFHLPpFh56zqeQnXvllw2Q2ua2K2LylVk4MpvgXfm83Y4VmNQS2DaP
8/XOqJqdf2D+TL1A3r7uXaZGOXExnIpgdZzqCP5NegFwZsZhJ0ezbiPPAQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFENZTlXclsubmApSqmN+SKjYc4nAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1Lzg1ZTEy
NS04NWQ2LTQzZjAtOThiZi1kOGZhMGVkYTNhYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvODVlMTI1
LTg1ZDYtNDNmMC05OGJmLWQ4ZmEwZWRhM2FiZS8xL1ExbE9WZHlXeTV1WUNsS3FZ
MzVJcU5oemljQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDBZF4AwQFVe+gMA0EAgACMAcDBQAqALIAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCJeTANBgkqhkiG9w0BAQsFAAOCAQEAflCQ
IYTUxhJeqqWlWuk9mRO4ZPaPUsSUQhNXGJ6fyn9pRcVdohE7LM2lqOWScCRnFp3O
7caEqXxkwXnLKUgCy/c4zvJyEhXV01+HcyLBXk5M0ZQsF8vHXk2Vj+PO+sy+wi7l
gkmF0wpQKiioKg0EBD60GdzOdmu8uKz7B6BMYYcT0iX0XjPZo8fz9BqTIGtZuoO2
DRNw9ckIo9ceLUWO5Q9p9/4CLb2xdEXFAUxahZJcDqYqEm6fwOOkgiupETgBT2qm
VMw15VowQOeM7rLQNigwTsQdoid1FjZZKQ6ETIRp6b0xV1O0k1xFeE33Yw+0gGL4
Iz3CkIzGZEEiOK69fg==
-----END CERTIFICATE-----
Generated at Sun Feb 2 03:57:33 2025 by rpki-client